
Is what I am doing illegal?

Scenario: I have a server at home which is listening on port 80 out to the WWW.
I also have a domain name for my webserver. The webserver is not publicly available, not in Google etc. Basically, you have to know either the domain name or IP to get into it.
Well if I were to run a few client-side attacks on my webserver for testing purposes only and someone out of pure curiosity visits my server because he looked over my shoulder when I was on the site, would that be his own fault or me committing a crime?

Scenario: I have a server at home which is listening on port 80 out to the WWW.
I also have a domain name for my webserver. The webserver is not publicly available, not in Google etc. Basically, you have to know either the domain name or IP to get into it.
Well if I were to run a few client-side attacks on my webserver for testing purposes only and someone out of pure curiosity visits my server because he looked over my shoulder when I was on the site, would that be his own fault or me committing a crime?

Technically it would be yours. Although your intention is that the site be "private", obscuring the existence of the site merely by not allowing it to be listed via Google does not make it private. It is public as long as there is a possibility of someone accessing it without restriction. If, however, you were to create an entry page requiring whoever happens to come across the site to log in, presumably with credentials known only to you, then it would be their fault should they force their way in.

"The goal of every man should be to continue living even after he can no longer draw breath." ~ShadowKill

Scenario: I have a server at home which is listening on port 80 out to the WWW.
I also have a domain name for my webserver. The webserver is not publicly available, not in Google etc. Basically, you have to know either the domain name or IP to get into it.
Well if I were to run a few client-side attacks on my webserver for testing purposes only and someone out of pure curiosity visits my server because he looked over my shoulder when I was on the site, would that be his own fault or me committing a crime?

If your Webserver is available from the internet then it is publicly available <period>. Just because it isn't in Google, doesn't mean it isn't on the internet. Google, believe it or not, is NOT the internet.

If you're using it for testing porpoises, then it shouldn't be accessible from the public.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Scenario: I have a server at home which is listening on port 80 out to the WWW.
I also have a domain name for my webserver. The webserver is not publicly available, not in Google etc. Basically, you have to know either the domain name or IP to get into it.
Well if I were to run a few client-side attacks on my webserver for testing purposes only and someone out of pure curiosity visits my server because he looked over my shoulder when I was on the site, would that be his own fault or me committing a crime?

1) This probably breaks your ISP's Terms of Service.
2) If someone stumbles upon your site and you somehow exploit/damage their machine/data it's your fault.
3) Why not simply limit access to your web server to traffic originating via the same IP. (i.e.: Your traffic to your web server bound to an external IP should end up source and destination the same assuming you're NAT'd internally). From an internal machine if you go to www.whatismyip.com do you get the IP your web server is bound to? (From what you've described you should).

I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Thanks for the replies people, very good to know indeed.
But let's say the webserver is running on a non-standard port such as 6112?
Or what if there is a login page which says: Non authorized access prohibited! The password is NOT vesoazfg, and once vesoazfg is typed in, you are forwarded to the client side attacks. Then what? :P

But instead of forwarding port 80 on the router, I changed the webserver to listen only on 127.0.0.1 and from now on, I will simply log into my SSH and tunnel firefox through it in order to view the website.

Originally Posted by thorin

1) This probably breaks your ISP's Terms of Service.
2) If someone stumbles upon your site and you somehow exploit/damage their machine/data it's your fault.
3) Why not simply limit access to your web server to traffic originating via the same IP. (i.e.: Your traffic to your web server bound to an external IP should end up source and destination the same assuming you're NAT'd internally). From an internal machine if you go to www.whatismyip.com do you get the IP your web server is bound to? (From what you've described you should).

Thanks for the replies people, very good to know indeed.
But let's say the webserver is running on a non-standard port such as 6112?

As others pointed out, running on a non-standard port will only delay the inevitable.

Or what if there is a login page which says: Non authorized access prohibited! The password is NOT vesoazfg, and once vesoazfg is typed in, you are forwarded to the client side attacks. Then what? :P

I still don't think this will cover you. You can have no trespassing signs up on your property but if someone comes on your property and gets hurt you're still accountable (Unless you have a fence/guard dog etc. i.e.: apply the reasonable man test to a mechanism which would actually keep someone out).

But instead of forwarding port 80 on the router, I changed the webserver to listen only on 127.0.0.1 and from now on, I will simply log into my SSH and tunnel firefox through it in order to view the website.

If the web server is only bound to localhost then why not just bring it inside your router and let it have a NAT'd address and then don't bother SSH tunneling at all? If it has an internal NAT'd address there's no need to forward a port or tunnel anything.

You'll just http://192.168.1.3 (er whatever) and your router will do the local routing per RFC 1918.

I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Thanks for the replies people, very good to know indeed.
But let's say the webserver is running on a non-standard port such as 6112?
Or what if there is a login page which says: Non authorized access prohibited! The password is NOT vesoazfg, and once vesoazfg is typed in, you are forwarded to the client side attacks. Then what? :P

But instead of forwarding port 80 on the router, I changed the webserver to listen only on 127.0.0.1 and from now on, I will simply log into my SSH and tunnel firefox through it in order to view the website.

Yes, I do

Why make it accessible at all? What would be the point?

If you need access to your machine from the outside world for some reason, then you should consider doing it via VPN so your box is always hidden from the real world.

Then you don't need to worry about mucking about with anything else.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.